SentinelOne Expands Singularity Marketplace
SentinelOne has unveiled integrations with IBM, Swimlane, and Intezer, increasing use case offerings available via its Singularity Marketplace. The new integrations cover security information and event management (SIEM), security orchestration, automation and response (SOAR), and malware analysis.
Ruby Sharma is SentinelOne’s head of technology partnerships.
“SentinelOne partners will benefit from access to SentinelOne’s unmatched security telemetry,” she said. “The integrations allow SentinelOne customers to defend themselves with the very best extended detection and response (XDR) technology while using the tools they are most familiar with. Allowing these already outstanding security tools to ingest the best security telemetry courtesy of SentinelOne, customers enjoy an enhanced level of security. With SentinelOne detecting threats in progress, and IBM, Swimlane and Intezer analyzing potentially malicious files and orchestrating incident response, joint customers can embrace a defense-in-depth strategy.”
The API integration between SentinelOne Singularity XDR and IBM Security QRadar SIEM and SOAR consolidates visibility across SentinelOne managed endpoints, cloud workloads, identities and additional SOC tools, incorporating SentinelOne context for automated detection and response. SentinelOne filters its detections through IBM’s QRadar SIEM for correlation, triage and investigation.
The SentinelOne integration with Swimlane increases visibility and triage accuracy, reduces alert fatigue, and accelerates mean-time-to-respond. It leverages SentinelOne Singularity XDR APIs so that Swimlane can trigger low-code automation playbooks and case management processes, and populate modular dashboards or reports. This joint solution provides centralized case management, automated incident enrichment, and alert remediation.
SentinelOne and Intezer combine to automatically triage incidents and provide advanced malware analysis verdicts, lessening the load on busy security teams. When SentinelOne detects malicious activity, customers now have the option to automatically share alert data with Intezer for analysis. Intezer’s analysis is returned to SentinelOne for consolidated visibility and mitigation.